Responding to Non- Compliance or Suspected Non-Compliance with Laws and Regulations

Transcription

1 Exposure Draft July 2015 Comments due: October 21, 2015 Proposed Amendments to the IAASB s International Standards Responding to Non- Compliance or Suspected Non-Compliance with Laws and Regulations

2 This Exposure Draft was developed and approved by the International Auditing and Assurance Standards Board (IAASB ). The IAASB develops auditing and assurance standards and guidance for use by all professional accountants under a shared standard-setting process involving the Public Interest Oversight Board, which oversees the activities of the IAASB, and the IAASB Consultative Advisory Group, which provides public interest input into the development of the standards and guidance. The objective of the IAASB is to serve the public interest by setting high-quality auditing, assurance, and other related standards and by facilitating the convergence of international and national auditing and assurance standards, thereby enhancing the quality and consistency of practice throughout the world and strengthening public confidence in the global auditing and assurance profession. The structures and processes that support the operations of the IAASB are facilitated by the International Federation of Accountants (IFAC ). Copyright July 2015 by IFAC. The IAASB logo, name and acronym, and the names of the pronouncements it issues and related acronyms, are trademarks. For copyright, trademark, and permissions information, please see page 29.

3 REQUEST FOR COMMENTS This Exposure Draft, Proposed Amendments to the IAASB s International Standards Responding to Non- Compliance or Suspected Non-Compliance with Laws and Regulations, was developed and approved by the International Auditing and Assurance Standards Board (IAASB). The proposals in this Exposure Draft may be modified in light of comments received before being issued in final form. Comments are requested by October 21, Respondents are asked to submit their comments electronically through the IAASB website, using the Submit a Comment link. Please note that all fields are required. In order to be accepted, comments must be submitted in both PDF and Word formats. First-time users must register to use this feature. All comments will be considered a matter of public record and will ultimately be posted on the IAASB s website. This publication may be downloaded free of charge from the IAASB website: The approved text is published in the English language. 3

5 EXPLANATORY MEMORANDUM Introduction 1. This memorandum provides background to, and an explanation of, the International Auditing and Assurance Standards Board s (IAASB s) proposed amendments to certain of its International Standards1 in response to the International Ethics Standards Board for Accountants (IESBA s) Re- Exposure Draft (ED), Responding to Non-Compliance with Laws and Regulations. The IAASB approved the proposed amendments to the following of its International Standards in June 2015 for exposure: ISA 220, Quality Control for an Audit of Financial Statements; ISA 240, The Auditor s Responsibilities Relating to Fraud in an Audit of Financial Statements; ISA 250, Consideration of Laws and Regulations in an Audit of Financial Statements; ISA 260 (Revised), Communication with Those Charged with Governance; ISA 450, Evaluation of Misstatements Identified during the Audit; ISQC 1, Quality Control for Firms that Perform Audits and Reviews of Financial Statements, and Other Assurance and Related Services Engagements; ISRE 2400 (Revised), Engagements to Review Historical Financial Statements; and ISAE 3402, Assurance Reports on Controls at a Service Organization. Background The IESBA s Project Responding to Non-Compliance with Laws and Regulations 2. In providing a professional service to a client or carrying out professional activities for an employer, a professional accountant (including an auditor or an assurance practitioner) 2 may come across an act or suspected act of Non-Compliance with Laws and Regulations (NOCLAR). Such an act may have been committed or may be about to be committed by the client or employer, or by those charged with governance (TCWG), management or employees of the client or employer. The IESBA noted that the professional accountant has a prima facie ethical responsibility not to turn a blind eye to identified or suspected NOCLAR. At the same time, the IESBA recognized that dealing with NOCLAR can often be a difficult and stressful one for the professional accountant and commenced a project addressing these circumstances. 3. The IESBA released an ED, Responding to a Suspected Illegal Act, in August 2012 with proposed enhancements to the IESBA Code of Ethics for Professional Accountants (IESBA Code) to help guide the professional accountant in dealing with such situations and in deciding how best to act in the public interest. In response to stakeholder feedback, the IESBA revised the proposals and issued a Re-ED, Responding to Non-Compliance with Laws & Regulations, in May The comment period 1 The IAASB s International Standards comprise the International Standards on Auditing TM (ISAs TM ), International Standards on Review Engagements TM (ISREs TM ), International Standards on Assurance Engagements TM (ISAEs TM ), International Standards on Related Services TM (ISRSs TM ), and International Standards on Quality Control TM (ISQCs TM ). 2 Henceforth, the term auditor is used to include both auditors and practitioners. 5

6 EXPLANATORY MEMORANDUM on the Re-ED closes on September 4, The IESBA is aiming to approve the restructured Code by Q4 2016, with the effective date to be determined in due course. Implications of the IESBA NOCLAR Project on the IAASB s International Standards 4. The IAASB has been kept apprised of developments on the IESBA s NOCLAR project through updates and discussions at IAASB meetings over the life of the IESBA s NOCLAR project, with specific focus on the latest IESBA proposals at the December 2014 and March 2015 IAASB meetings. In particular, at the March 2015 IAASB meeting, the Chair of the IESBA s NOCLAR Task Force briefed the IAASB on the near-final proposals in the draft Re-ED. 5. Under the IESBA s NOCLAR proposals, the professional accountant would have the right to disclose an identified or suspected NOCLAR to an appropriate authority if the professional accountant determines that such disclosure is an appropriate course of action in the circumstances. If the professional accountant determines that such a disclosure is appropriate, this will not be considered a breach of the duty of confidentiality under Section 140 of the IESBA Code. Certain of the IAASB s International Standards, however, contain material that does not explicitly recognize this proposed right, under the proposals, to disclose an identified or suspected NOCLAR. For example, ISA 250 states that [t]he auditor s professional duty to maintain the confidentiality of client information may preclude reporting identified or suspected non-compliance with laws and regulations to a party outside the entity. 3 While this does not necessarily contradict the proposed right to disclose, it would not draw this proposed right to the attention of the auditor. 6. The IAASB believes that changes to the IAASB s International Standards would be warranted to address actual or perceived inconsistencies of the approach to identifying and dealing with instances of NOCLAR or suspected NOCLAR in complying with ISA 250 and other International Standards, including the scope of laws and regulations to be considered, when the IESBA Code also applies if the NOCLAR proposals are finalized as in the Re-ED. Failing to address such actual or perceived inconsistencies may raise questions among stakeholders regarding the clarity of the interaction between the IAASB s International Standards and the auditor s ethical obligations under the IESBA Code. 7. The IAASB established a Working Group in March 2015, which includes a member of the IESBA s NOCLAR Task Force, and, in June 2015, the IAASB approved a project addressing the implications for the IAASB s International Standards. Public Interest Issues Addressed by This Project 8. The IAASB believes that it is in the public interest that its International Standards and the IESBA Code be able to operate in concert and without confusion due to the many jurisdictions that utilize both. It is also important that the IAASB s International Standards acknowledge and do not potentially undermine the enhancements that will be made to the IESBA Code as a result of the NOCLAR project either through being inconsistent or through failing to draw appropriate attention to the revised requirements in the IESBA Code. Equally, it would not be in the public interest for practitioners to be placed in a situation where the IESBA Code required one approach but the IAASB s International Standards, either in the requirements or the application material, did not support or recognize that approach. 3 ISA 250, paragraph A19 6

7 EXPLANATORY MEMORANDUM 9. The IAASB reflected on how best to progress its project, recognizing the benefits of alignment of comment periods with the IESBA s Re-ED. After considering alternatives, including the need for a more fulsome revision of ISA 250, the IAASB agreed to propose limited amendments to certain of its International Standards at this time and finalized the ED on this basis. Doing so enables stakeholders to consider the proposed limited amendments to the IAASB s International Standards alongside the IESBA s NOCLAR proposals, thereby facilitating a coordinated review of, and response to, both IAASB and IESBA proposals by stakeholders, which is also in the public interest. Guide for Respondents The IAASB welcomes comments on all matters addressed in this ED, but especially those identified in the Request for Comments section. Comments are most helpful when they refer to specific paragraphs, include the reasons for the comments, and make specific suggestions for any proposed changes to wording. When a respondent agrees with proposals in this ED (especially those calling for change in current practice), it will be helpful for the IAASB to be made aware of this view as this cannot always be inferred when not stated. Significant Matters The Nature of the Proposed Limited Amendments 10. The ED includes those amendments that the IAASB has determined would be necessary to resolve actual or perceived inconsistencies of approach or to clarify and emphasize key aspects of the NOCLAR proposals in its International Standards. These amendments are based on the IESBA s proposed NOCLAR amendments. 11. Broadly, the proposed amendments to the IAASB s International Standards can be characterized as follows: (a) (b) (c) Proposed amendments to recognize and reflect changes to the auditor s duty of confidentiality, particularly the legal or ethical duty or right to disclose identified or suspected NOCLAR to an appropriate authority, reflected in the IESBA s NOCLAR proposals. See, for example, the proposed amendment to paragraph 28 of ISA 250, which replaces a generic term ( responsibility ) with a more specific phrase ( legal or ethical duty or right ) to give appropriate emphasis to the proposed change in the IESBA Code. New guidance to clarify the implications of the IESBA s NOCLAR proposals on ISA 250, such as the possibility that the auditor may otherwise become aware of matters that the auditor is required to address under relevant ethical requirements, and which may have an effect on the audit. Illustrations of this type of proposed amendment are in paragraphs A12a and A17 of ISA 250. For example, if the auditor becomes aware of NOCLAR that the auditor is required to address under relevant ethical requirements, such non-compliance is relevant to the auditor s responsibilities in accordance with paragraphs of ISA 250 for example, such noncompliance may cause the auditor to evaluate the integrity of management and, when appropriate, those charged with governance, even if the non-compliance does not have a direct material effect on the financial statements. Provisions that bring key aspects of the IESBA s NOCLAR proposals to the auditor s attention. For example, new paragraph 8a of ISA 250 and new paragraph 8a of ISA 240 highlight that the 7

8 EXPLANATORY MEMORANDUM auditor may have additional obligations under relevant ethical requirements regarding NOCLAR. (d) (e) (f) New guidance to highlight a requirement in the IESBA Re-ED that, in the case of an audit of financial statements, a professional accountant shall request the existing accountant to provide known information regarding any facts or circumstances that, in the existing accountant s opinion, the proposed accountant needs to be aware of before deciding whether to accept the engagement (see paragraph A8a of ISA 220). The term predecessor auditor is used instead of existing accountant to be consistent with extant terminology in the ISAs. New guidance to recognize that laws or regulations may prohibit alerting ( tipping off ) the entity when, for example, the auditor is required to report a NOCLAR to an appropriate authority pursuant to money laundering legislation (see paragraph A15 of ISA 250, paragraph A59a of ISA 240, paragraph 7 of ISA 260 (Revised), and paragraph A8 of ISA 450). Other changes, such as additional examples or explanatory material, which the IAASB believes would significantly clarify the application of its International Standards in light of the IESBA NOCLAR proposals. Examples of this include paragraph A5a of ISA 250, which gives examples of relevant laws and regulations drawn from the IESBA NOCLAR Re-ED. 1. The proposed limited amendments do not explicitly duplicate in detail all the specific requirements in the IESBA Code. This allows for flexibility when ethical codes other than the IESBA Code are applied and to minimize the amount of material that would be incorporated into ISA 250 and other of the IAASB s International Standards. This approach is consistent with how reference was made in ISA 260 (Revised) to the requirements in the IESBA Code to communicate with TCWG about breaches of independence. Request for Comments While the IAASB welcomes comments on all matters addressed in this ED, the IAASB is specifically seeking comments on the following matter 12. Whether respondents believe the proposed limited amendments are sufficient to resolve actual or perceived inconsistencies of approach or to clarify and emphasize key aspects of the NOCLAR proposals in the IAASB s International Standards. 13. The impact, if any, of the proposed limited amendments in jurisdictions that have not adopted, or do not plan to adopt, the IESBA Code. For example, would any of the changes to the IAASB s International Standards be deemed incompatible with the relevant ethical requirements that would apply in those jurisdictions? In addition to the requests for specific comments above, the IAASB is also seeking comments on the general matters set out below: (a) (b) Preparers (including Small- and Medium-Sized Entities (SMEs)), and Users (including Regulators) The IAASB invites comments on the proposed amendments to its International Standards from preparers and users. Developing Nations Recognizing that many developing nations have adopted or are in the process of adopting its International Standards, the IAASB invites respondents from these nations to comment on the proposed amendments to its International Standards, in particular, on any foreseeable difficulties in applying it in a developing nation environment. 8

9 EXPLANATORY MEMORANDUM (c) (d) Translations Recognizing that many respondents may intend to translate the final amendments to its International Standards for adoption in their own environments, the IAASB welcomes comment on potential translation issues respondents may note in reviewing the proposed amendments to its International Standards. Effective Date it is anticipated that the effective date of the amendments to the IAASB s International Standards would be aligned with the effective date of the NOCLAR standards, which the IESBA will determine in due course. Invitation for Additional Input 14. Consultations undertaken as part of developing the IAASB s current Strategy and Work Plan had not demonstrated that ISA 250 warranted immediate revision, particularly in light of the other projects that the IAASB was asked to prioritize in the public interest. 15. The IAASB was of the view that this Explanatory Memorandum could be a vehicle for soliciting stakeholders views as to whether there is merit in exploring other aspects of ISA 250 where further improvements may need to be considered in due course (i.e., under a future IAASB Work Plan). 16. For example, further consideration of the following areas may be viewed as beneficial: Whether the existing distinction between the types of laws and regulations (see paragraph 6 of ISA 250) and the different levels of work effort applied to each under extant ISA 250 warrants further investigation or revision. Whether ISA 250 should address making inquiries of management or, when appropriate, TCWG, regarding NOCLAR that may occur. Whether ISA 250 should include a requirement to obtain an understanding of how management identifies and addresses known or suspected NOCLAR as an essential component in obtaining an understanding of the entity and its environment. How ISA 250 addresses personal misconduct related to the business activities of the entity or parties associated with the entity, including contractors. How NOCLAR is addressed in other ISAs, such as when dealing with auditor s experts and in a group audit situation On balance, the IAASB did not believe it is necessary at this time to further explore these areas or to undertake a more fulsome revision of ISA 250. Developing these additional changes could prolong the finalization of the proposed changes to the IAASB s International Standards and could have unintended consequences in circumstances where ethical codes other than the IESBA Code are applied. Finally, the IAASB also noted that its Work Program is unlikely to be able to accommodate a project to more fully revise ISA 250 without delaying or deferring other projects that received broad support when the IAASB consulted on its Strategy for Accordingly, the IAASB will continue with the limited amendments as proposed in this ED. 18. Should respondents be of the view that a more fulsome review of ISA 250 would nevertheless be beneficial in due course, the IAASB would need to consider the possibility of doing so in consulting 4 This matter has been referred to the Working Group dealing with the topic of Group Audits for further consideration. 9

10 EXPLANATORY MEMORANDUM on future Work Plans. Respondents are therefore asked for their comments, if any, on what further changes may be required to ISA 250 and why. 10

11 Proposed Amendments to the IAASB's International Standards Responding to Non-Compliance or Suspected Non-Compliance with Laws and Regulations INTERNATIONAL STANDARD ON AUDITING 250 CONSIDERATION OF LAWS AND REGULATIONS IN AN AUDIT OF FINANCIAL STATEMENTS Introduction CONTENTS Paragraph Scope of this ISA... 1 Effect of Laws and Regulations... 2 Responsibility for Compliance with Laws and Regulations... 38a Effective Date... 9 Objectives Definition Requirements The Auditor s Consideration of Compliance with Laws and Regulations... Audit Procedures When Non-Compliance is Identified or Suspected... Reporting of Identified or Suspected Non-Compliance Documentation Application and Other Explanatory Material Responsibility for Compliance with Laws and Regulations... The Auditor s Consideration of Compliance with Laws and Regulations... Audit Procedures When Non-Compliance is Identified or Suspected... Reporting of Identified or Suspected Non-Compliance... Documentation... A1A6 A7A12 A1318 A19A20 A21 International Standard on Auditing (ISA) 250, Consideration of Laws and Regulations in an Audit of Financial Statements, should be read in conjunction with ISA 200, Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance with International Standards on Auditing. 11

12 Introduction Scope of this ISA 1. This International Standard on Auditing (ISA) deals with the auditor s responsibility to consider laws and regulations in an audit of financial statements. This ISA does not apply to other assurance engagements in which the auditor is specifically engaged to test and report separately on compliance with specific laws or regulations. Effect of Laws and Regulations 2. The effect on financial statements of laws and regulations varies considerably. Those laws and regulations to which an entity is subject constitute the legal and regulatory framework. The provisions of some laws or regulations have a direct effect on the financial statements in that they determine the reported amounts and disclosures in an entity s financial statements. Other laws or regulations are to be complied with by management or set the provisions under which the entity is allowed to conduct its business but do not have a direct effect on an entity s financial statements. Some entities operate in heavily regulated industries (such as banks and chemical companies). Others are subject only to the many laws and regulations that relate generally to the operating aspects of the business (such as those related to occupational safety and health, and equal employment opportunity). Noncompliance with laws and regulations may result in fines, litigation or other consequences for the entity that may have a material effect on the financial statements. Responsibility for Compliance with Laws and Regulations (Ref: Para. A1 A6) 3. It is the responsibility of management, with the oversight of those charged with governance, to ensure that the entity s operations are conducted in accordance with the provisions of laws and regulations, including compliance with the provisions of laws and regulations that determine the reported amounts and disclosures in an entity s financial statements. Responsibility of the Auditor 4. The requirements in this ISA are designed to assist the auditor in identifying material misstatement of the financial statements due to non-compliance with laws and regulations. However, the auditor is not responsible for preventing non-compliance and cannot be expected to detect non-compliance with all laws and regulations. 5. The auditor is responsible for obtaining reasonable assurance that the financial statements, taken as a whole, are free from material misstatement, whether caused by fraud or error. 5 In conducting an audit of financial statements, the auditor takes into account the applicable legal and regulatory framework. Owing to the inherent limitations of an audit, there is an unavoidable risk that some material misstatements in the financial statements may not be detected, even though the audit is properly planned and performed in accordance with the ISAs. 6 In the context of laws and regulations, the potential effects of inherent limitations on the auditor s ability to detect material misstatements are greater for such reasons as the following: 5 ISA 200, Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance with International Standards on Auditing, paragraph 5 6 ISA 200, paragraphs A51 A52 12

13 There are many laws and regulations, relating principally to the operating aspects of an entity, that typically do not affect the financial statements and are not captured by the entity s information systems relevant to financial reporting. Non-compliance may involve conduct designed to conceal it, such as collusion, forgery, deliberate failure to record transactions, management override of controls or intentional misrepresentations being made to the auditor. Whether an act constitutes non-compliance is ultimately a matter for legal determination by an appropriate legal or adjudicative body court of law. Ordinarily, the further removed non-compliance is from the events and transactions reflected in the financial statements, the less likely the auditor is to become aware of it or to recognize the noncompliance. 6. This ISA distinguishes the auditor s responsibilities in relation to compliance with two different categories of laws and regulations as follows: (Ref: Para. A5a) (a) (b) The provisions of those laws and regulations generally recognized to have a direct effect on the determination of material amounts and disclosures in the financial statements such as tax and pension laws and regulations (see paragraph 13); and Other laws and regulations that do not have a direct effect on the determination of the amounts and disclosures in the financial statements, but compliance with which may be fundamental to the operating aspects of the business, to an entity s ability to continue its business, or to avoid material penalties (for example, compliance with the terms of an operating license, compliance with regulatory solvency requirements, or compliance with environmental regulations); noncompliance with such laws and regulations may therefore have a material effect on the financial statements (see paragraph 14). 7. In this ISA, differing requirements are specified for each of the above categories of laws and regulations. For the category referred to in paragraph 6(a), the auditor s responsibility is to obtain sufficient appropriate audit evidence regarding compliance with the provisions of those laws and regulations. For the category referred to in paragraph 6(b), the auditor s responsibility is limited to undertaking specified audit procedures to help identify non-compliance with those laws and regulations that may have a material effect on the financial statements. 8. The auditor is required by this ISA to remain alert to the possibility that other audit procedures applied for the purpose of forming an opinion on financial statements may bring instances of identified or suspected non-compliance to the auditor s attention. Maintaining professional skepticism throughout the audit, as required by ISA 200, 7 is important in this context, given the extent of laws and regulations that affect the entity. 8a. The auditor may have additional responsibilities under relevant ethical requirements regarding an entity s non-compliance with laws and regulations. Complying with those additional responsibilities may provide further information that is relevant to the auditor s work in accordance with this and other ISAs (for example, regarding the integrity of management or, where appropriate, those charged with governance). 7 ISA 200, paragraph 15 13

14 Effective Date 9. This ISA is effective for audits of financial statements for periods beginning on or after December 15, 2009[date]. Objectives 10. The objectives of the auditor are: (a) (b) (c) To obtain sufficient appropriate audit evidence regarding compliance with the provisions of those laws and regulations generally recognized to have a direct effect on the determination of material amounts and disclosures in the financial statements; To perform specified audit procedures to help identify instances of non-compliance with other laws and regulations that may have a material effect on the financial statements; and To respond appropriately to non-compliance or suspected non-compliance with laws and regulations identified during the audit. Definition 11. For the purposes of this ISA, the following term has the meaning attributed below: Non-compliance Acts of omission or commission by the entity, either intentional or unintentional, which are contrary to the prevailing laws or regulations. Such acts include transactions entered into by, or in the name of, the entity, or on its behalf, by those charged with governance, management or employees. Non-compliance does not include personal misconduct (unrelated to the business activities of the entity) by those charged with governance, management or employees of the entity. Requirements The Auditor s Consideration of Compliance with Laws and Regulations 12. As part of obtaining an understanding of the entity and its environment in accordance with ISA 315 (Revised), 8 the auditor shall obtain a general understanding of: (a) (b) The legal and regulatory framework applicable to the entity and the industry or sector in which the entity operates; and How the entity is complying with that framework. (Ref: Para. A7A7a) 13. The auditor shall obtain sufficient appropriate audit evidence regarding compliance with the provisions of those laws and regulations generally recognized to have a direct effect on the determination of material amounts and disclosures in the financial statements. (Ref: Para. A8) 14. The auditor shall perform the following audit procedures to help identify instances of non-compliance with other laws and regulations that may have a material effect on the financial statements: (Ref: Para. A9 A10) (a) Inquiring of management and, where appropriate, those charged with governance, as to whether the entity is in compliance with such laws and regulations; and 8 ISA 315 (Revised), Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and Its Environment, paragraph 11 14

15 (b) Inspecting correspondence, if any, with the relevant licensing or regulatory authorities. 15. During the audit, the auditor shall remain alert to the possibility that other audit procedures applied may bring instances of non-compliance or suspected non-compliance with laws and regulations to the auditor s attention. (Ref: Para. A11) 16. The auditor shall request management and, where appropriate, those charged with governance, to provide written representations that all known instances of non-compliance or suspected noncompliance with laws and regulations whose effects should be considered when preparing financial statements have been disclosed to the auditor. (Ref: Para. A12) 17. In the absence of identified or suspected non-compliance, the auditor is not required to perform audit procedures regarding the entity s compliance with laws and regulations, other than those set out in paragraphs Audit Procedures When Non-Compliance Is Identified or Suspected 18. If the auditor becomes aware of information concerning an instance of non-compliance or suspected non-compliance with laws and regulations, the auditor shall obtain: (Ref: Para. A13) (a) An understanding of the nature of the act and the circumstances in which it has occurred; and (b) Further information to evaluate the possible effect on the financial statements. (Ref: Para. A14) 19. If the auditor suspects there may be non-compliance, the auditor shall discuss the matter with management and, where appropriate, those charged with governance. If management or, as appropriate, those charged with governance do not provide sufficient information that supports that the entity is in compliance with laws and regulations and, in the auditor s judgment, the effect of the suspected non-compliance may be material to the financial statements, the auditor shall consider the need to obtain legal advice. (Ref: Para. A15 A16) 20. If sufficient information about suspected non-compliance cannot be obtained, the auditor shall evaluate the effect of the lack of sufficient appropriate audit evidence on the auditor s opinion. 21. The auditor shall evaluate the implications of non-compliance in relation to other aspects of the audit, including the auditor s risk assessment and the reliability of written representations, and take appropriate action. (Ref: Para. A17 A18a) Reporting of Identified or Suspected Non-Compliance Reporting Non-Compliance to Those Charged with Governance 22. Unless all of those charged with governance are involved in management of the entity, and therefore are aware of matters involving identified or suspected non-compliance already communicated by the auditor, 9 the auditor shall communicate with those charged with governance matters involving noncompliance with laws and regulations that come to the auditor s attention during the course of the audit, other than when the matters are clearly inconsequential. 23. If, in the auditor s judgment, the non-compliance referred to in paragraph 22 is believed to be intentional and material, the auditor shall communicate the matter to those charged with governance as soon as practicable. 9 ISA 260 (Revised), Communication with Those Charged with Governance, paragraph 13 15

16 24. If the auditor suspects that management or those charged with governance are involved in noncompliance, the auditor shall communicate the matter to the next higher level of authority at the entity, if it exists, such as an audit committee or supervisory board. Where no higher authority exists, or if the auditor believes that the communication may not be acted upon or is unsure as to the person to whom to report, the auditor shall consider the need to obtain legal advice. Reporting Non-Compliance in the Auditor s Report on the Financial Statements 25. If the auditor concludes that the non-compliance has a material effect on the financial statements, and has not been adequately reflected in the financial statements, the auditor shall, in accordance with ISA 705 (Revised), express a qualified opinion or an adverse opinion on the financial statements If the auditor is precluded by management or those charged with governance from obtaining sufficient appropriate audit evidence to evaluate whether non-compliance that may be material to the financial statements has, or is likely to have, occurred, the auditor shall express a qualified opinion or disclaim an opinion on the financial statements on the basis of a limitation on the scope of the audit in accordance with ISA 705 (Revised). 27. If the auditor is unable to determine whether non-compliance has occurred because of limitations imposed by the circumstances rather than by management or those charged with governance, the auditor shall evaluate the effect on the auditor s opinion in accordance with ISA 705 (Revised). Reporting Non-Compliance to Regulatory and Enforcement Authorities 28. If the auditor has identified or suspects non-compliance with laws and regulations, the auditor shall determine whether the auditor has a responsibility legal or ethical duty or right to report the identified or suspected non-compliance to parties outside the entity. (Ref: Para. A19 A20) Documentation 29. The auditor shall include in the audit documentation identified or suspected non-compliance with laws and regulations and the results of discussion with management and, where applicable, those charged with governance and other parties outside the entity. 11 (Ref: Para. A21) *** Application and Other Explanatory Material Responsibility for Compliance with Laws and Regulations (Ref: Para. 3 8) A1. It is the responsibility of management, with the oversight of those charged with governance, to ensure that the entity s operations are conducted in accordance with laws and regulations. Laws and regulations may affect an entity s financial statements in different ways: for example, most directly, they may affect specific disclosures required of the entity in the financial statements or they may prescribe the applicable financial reporting framework. They may also establish certain legal rights and obligations of the entity, some of which will be recognized in the entity s financial statements. In addition, laws and regulations may impose penalties in cases of non-compliance. 10 ISA 705 (Revised), Modifications to the Opinion in the Independent Auditor s Report, paragraphs ISA 230, Audit Documentation, paragraphs 8 11, and A6 16

17 A2. The following are examples of the types of policies and procedures an entity may implement to assist in the prevention and detection of non-compliance with laws and regulations: Monitoring legal requirements and ensuring that operating procedures are designed to meet these requirements. Instituting and operating appropriate systems of internal control. Developing, publicizing and following a code of conduct. Ensuring employees are properly trained and understand the code of conduct. Monitoring compliance with the code of conduct and acting appropriately to discipline employees who fail to comply with it. Engaging legal advisors to assist in monitoring legal requirements. Maintaining a register of significant laws and regulations with which the entity has to comply within its particular industry and a record of complaints. In larger entities, these policies and procedures may be supplemented by assigning appropriate responsibilities to the following: An internal audit function. An audit committee. A compliance function. Responsibility of the Auditor A3. Non-compliance by the entity with laws and regulations may result in a material misstatement of the financial statements. Detection of non-compliance, regardless of materiality, may affect other aspects of the audit including, for example, the auditor s consideration of the integrity of management or employees. A4. Whether an act constitutes non-compliance with laws and regulations is a matter for legal determination, which is ordinarily beyond the auditor s professional competence to determine. Nevertheless, the auditor s training, experience and understanding of the entity and its industry or sector may provide a basis to recognize that some acts, coming to the auditor s attention, may constitute non-compliance with laws and regulations. A5. In accordance with specific statutory requirements, the auditor may be specifically required to report, as part of the audit of the financial statements, on whether the entity complies with certain provisions of laws or regulations. In these circumstances, ISA or ISA deal with how these audit responsibilities are addressed in the auditor s report. Furthermore, where there are specific statutory reporting requirements, it may be necessary for the audit plan to include appropriate tests for compliance with these provisions of the laws and regulations. 12 ISA 700 (Revised), Forming an Opinion and Reporting on Financial Statements, paragraph ISA 800, Special Considerations Audits of Financial Statements Prepared in Accordance with Special Purpose Frameworks, paragraph 11 17

18 Categories of Laws and Regulations A5a. Examples of laws and regulations that may be included in the categories described in paragraph 6 include those that deal with: Fraud, corruption and bribery. Money laundering, terrorist financing and proceeds of crime. Securities markets and trading. Banking and other financial products and services. Tax and pension liabilities and payments. Environmental protection. Public health and safety. Considerations Specific to Public Sector Entities A6. In the public sector, there may be additional audit responsibilities with respect to the consideration of laws and regulations which may relate to the audit of financial statements or may extend to other aspects of the entity s operations. The Auditor s Consideration of Compliance with Laws and Regulations Obtaining an Understanding of the Legal and Regulatory Framework (Ref: Para. 12) A7. To obtain a general understanding of the legal and regulatory framework, and how the entity complies with that framework, the auditor may, for example: Use the auditor s existing understanding of the entity s industry, regulatory and other external factors; Update the understanding of those laws and regulations that directly determine the reported amounts and disclosures in the financial statements; Inquire of management as to other laws or regulations that may be expected to have a fundamental effect on the operations of the entity; Inquire of management concerning the entity s policies and procedures regarding compliance with laws and regulations; and Inquire of management regarding the policies or procedures adopted for identifying, evaluating and accounting for litigation claims. Laws and Regulations Generally Recognized to Have a Direct Effect on the Determination of Material Amounts and Disclosures in the Financial Statements (Ref: Para. 13) A8. Certain laws and regulations are well-established, known to the entity and within the entity s industry or sector, and relevant to the entity s financial statements (as described in paragraph 6(a)). They could include those that relate to, for example: 18

19 The form and content of financial statements; Industry-specific financial reporting issues; Accounting for transactions under government contracts; or The accrual or recognition of expenses for income tax or pension costs. Some provisions in those laws and regulations may be directly relevant to specific assertions in the financial statements (for example, the completeness of income tax provisions), while others may be directly relevant to the financial statements as a whole (for example, the required statements constituting a complete set of financial statements). The aim of the requirement in paragraph 13 is for the auditor to obtain sufficient appropriate audit evidence regarding the determination of amounts and disclosures in the financial statements in compliance with the relevant provisions of those laws and regulations. Non-compliance with other provisions of such laws and regulations and other laws and regulations may result in fines, litigation or other consequences for the entity, the costs of which may need to be provided for in the financial statements, but are not considered to have a direct effect on the financial statements as described in paragraph 6(a). Procedures to Identify Instances of Non-Compliance Other Laws and Regulations (Ref: Para. 14) A9. Certain other laws and regulations may need particular attention by the auditor because they have a fundamental effect on the operations of the entity (as described in paragraph 6(b)). Non-compliance with laws and regulations that have a fundamental effect on the operations of the entity may cause the entity to cease operations, or call into question the entity s continuance as a going concern. For example, non-compliance with the requirements of the entity s license or other entitlement to perform its operations could have such an impact (for example, for a bank, non-compliance with capital or investment requirements). There are also many laws and regulations relating principally to the operating aspects of the entity that typically do not affect the financial statements and are not captured by the entity s information systems relevant to financial reporting. A10. As the financial reporting consequences of other laws and regulations can vary depending on the entity s operations, the audit procedures required by paragraph 14 are directed to bringing to the auditor s attention instances of non-compliance with laws and regulations that may have a material effect on the financial statements. Non-Compliance Brought to the Auditor s Attention by Other Audit Procedures (Ref: Para. 15) A11. Audit procedures applied to form an opinion on the financial statements may bring instances of noncompliance or suspected non-compliance with laws and regulations to the auditor s attention. For example, such audit procedures may include: 19

20 Reading minutes; Inquiring of the entity s management and in-house legal counsel or external legal counsel concerning litigation, claims and assessments; and Performing substantive tests of details of classes of transactions, account balances or disclosures. Written Representations (Ref: Para. 16) A12. Because the effect on financial statements of laws and regulations can vary considerably, written representations provide necessary audit evidence about management s knowledge of identified or suspected non-compliance with laws and regulations, whose effects may have a material effect on the financial statements. However, written representations do not provide sufficient appropriate audit evidence on their own and, accordingly, do not affect the nature and extent of other audit evidence that is to be obtained by the auditor. 14 Audit Procedures When Non-Compliance is Identified or Suspected Indications of Non-Compliance with Laws and Regulations (Ref: Para. 18) A12a. The auditor may become aware of information about non-compliance with laws or regulations (for example, in responding to matters that the auditor is required to address under relevant ethical requirements) other than as a result of performing the procedures in paragraphs A13. If the auditor becomes aware of the existence of, or information about, tthe following matters, it may be an indication of non-compliance with laws and regulations: Investigations by regulatory organizations and government departments or payment of fines or penalties. Payments for unspecified services or loans to consultants, related parties, employees or government employees. Sales commissions or agent s fees that appear excessive in relation to those ordinarily paid by the entity or in its industry or to the services actually received. Purchasing at prices significantly above or below market price. Unusual payments in cash, purchases in the form of cashiers checks payable to bearer or transfers to numbered bank accounts. Unusual transactions with companies registered in tax havens. Payments for goods or services made other than to the country from which the goods or services originated. Payments without proper exchange control documentation. Existence of an information system which fails, whether by design or by accident, to provide an adequate audit trail or sufficient evidence. Unauthorized transactions or improperly recorded transactions. 14 ISA 580, Written Representations, paragraph 4 20

21 Adverse media comment. Matters Relevant to the Auditor s Evaluation (Ref: Para. 18(b)) A14. Matters relevant to the auditor s evaluation of the possible effect on the financial statements include: The potential financial consequences of non-compliance with laws and regulations on the financial statements including, for example, the imposition of fines, penalties, damages, threat of expropriation of assets, enforced discontinuation of operations, and litigation. Whether the potential financial consequences require disclosure. Whether the potential financial consequences are so serious as to call into question the fair presentation of the financial statements, or otherwise make the financial statements misleading. Audit Procedures (Ref: Para. 19) A15. The auditor may discuss the findings with those charged with governance where they may be able to provide additional audit evidence. For example, the auditor may confirm that those charged with governance have the same understanding of the facts and circumstances relevant to transactions or events that have led to the possibility of non-compliance with laws and regulations. However, in some jurisdictions, laws or regulations may prohibit alerting ( tipping-off ) the entity when, for example, the auditor is required to report the non-compliance to an appropriate authority pursuant to anti-money laundering legislation. A16. If management or, as appropriate, those charged with governance do not provide sufficient information to the auditor that the entity is in fact in compliance with laws and regulations, the auditor may consider it appropriate to consult with the entity s in-house legal counsel or external legal counsel about the application of the laws and regulations to the circumstances, including the possibility of fraud, and the possible effects on the financial statements. If it is not considered appropriate to consult with the entity s legal counsel or if the auditor is not satisfied with the legal counsel s opinion, the auditor may consider it appropriate to consult on a confidential basis with others within the auditor s own legal counselfirm, a network firm, a relevant professional body, or with the auditor s legal counsel as to whether a contravention of a law or regulation is involved, the possible legal consequences, including the possibility of fraud, and what further action, if any, the auditor would take. Evaluating the Implications of Non-Compliance (Ref: Para. 21) A17. As required by paragraph 21, the auditor evaluates the implications of non-compliance in relation to other aspects of the audit, including the auditor s risk assessment and the reliability of written representations. The implications of particular instances of non-compliance identified by the auditor will depend on the relationship of the perpetration and concealment, if any, of the act to specific control activities and the level of management or employees involved, especially implications arising from the involvement of the highest authority within the entity. As noted in paragraph 8a, the auditor s compliance with relevant ethical requirements may provide further information that is relevant to the auditor s responsibilities in accordance with paragraph 21. A18. In exceptional cases, the auditor may consider whether withdrawal from the engagement, where withdrawal is possible under applicable law or regulation, is necessary when management or those charged with governance do not take the remedial action that the auditor considers appropriate in 21

22 the circumstances, even when the non-compliance is not material to the financial statements. When deciding whether withdrawal from the engagement is necessary, the auditor may consider seeking legal advice. If withdrawal from the engagement is not possible, the auditor may consider alternative actions, including describing the non-compliance in an Other Matter paragraph in the auditor s report. 15 A18a. Examples of circumstances that may cause the auditor to evaluate the implications of noncompliance on the reliability of written representations received from management and, where applicable, those charged with governance include when: The auditor suspects or has evidence of the involvement or intended involvement of management and, where applicable, those charged with governance in any non-compliance. The auditor is aware that management and, where applicable, those charged with governance have knowledge of such non-compliance and, contrary to legal or regulatory requirements, have not reported, or authorized reporting of, the matter to an appropriate authority within a reasonable period. Reporting of Identified or Suspected Non-Compliance Reporting Non-Compliance to Regulatory and Enforcement Authorities (Ref: Para. 28) A19. If the auditor has identified or suspects non-compliance with laws or regulations, the auditor may consider obtaining legal advice to determine whether the auditor has a legal or ethical duty or right to report to parties outside the entity and, when applicable, the appropriate course of action in light of such duty or right. For examplethe auditor s professional duty to maintain the confidentiality of client information may preclude reporting identified or suspected non-compliance with laws and regulations to a party outside the entity. However, the auditor s legal responsibilities vary by jurisdiction and, in certain circumstances, t The duty of confidentiality may not apply or may be overridden by statute, the law or courts of lawlaws or regulations. In some jurisdictions, the auditor of a financial institution has a statutory duty to report the occurrence, or suspected occurrence, of non-compliance with laws and regulations to supervisory authorities. Also, in some jurisdictions, the auditor has a duty to report misstatements to authorities in those cases where management and, where applicable, those charged with governance fail to take corrective action. The auditor may consider it appropriate to obtain legal advice to determine the appropriate course of action. The auditor may have the right to disclose identified or suspected non-compliance with laws or regulations to an appropriate authority without breaching the duty of confidentiality. 16 The auditor s legal or ethical duties to maintain confidentiality may preclude reporting identified or suspected non-compliance with laws and regulations to a party outside the entity. Considerations Specific to Public Sector Entities A20. A public sector auditor may be obliged to report on instances of non-compliance to the legislature or other governing body or to report them in the auditor s report. 15 ISA 706, Emphasis of Matter Paragraphs and Other Matter Paragraphs in the Independent Auditor s Report, paragraph 8 16 See, for example, Section of the International Ethics Standards Board for Accountants Code of Ethics for Professional Accountants (IESBA Code). 22

23 Documentation (Ref: Para. 29) A21. The auditor s documentation of findings regarding identified or suspected non-compliance with laws and regulations may include, for example: Copies of records or documents. Minutes of discussions held with management, those charged with governance or parties outside the entity. 23

24 Other International Standards ISQC 1, Quality Control for Firms that Perform Audits and Reviews of Financial Statements, and Other Assurance and Related Services Engagements Requirements [Note: These paragraphs are unchanged.] Confidentiality, safe custody, integrity, accessibility and retrievability of engagement documentation 46. The firm shall establish policies and procedures designed to maintain the confidentiality, safe custody, integrity, accessibility and retrievability of engagement documentation. (Ref: Para. A56 A59) Application and Other Explanatory Material A56. Relevant ethical requirements establish an obligation for the firm s personnel to observe at all times the confidentiality of information contained in engagement documentation, unless specific client authority has been given to disclose information, or there is a legal or professionalethical duty or right to do so. In certain circumstances, the firm s personnel may have the legal or ethical right to disclose identified or suspected non-compliance with laws or regulations to an appropriate authority without breaching the duty of confidentiality. 17 Specific laws or regulations may impose additional obligations on the firm s personnel to maintain client confidentiality, particularly where data of a personal nature are concerned. ISA 220, Quality Control for an Audit of Financial Statements Requirements [Note: This paragraph is unchanged.] Acceptance and Continuance of Client Relationships and Audit Engagements 12. The engagement partner shall be satisfied that appropriate procedures regarding the acceptance and continuance of client relationships and audit engagements have been followed, and shall determine that conclusions reached in this regard are appropriate. (Ref: Para. A8 A9) Application and Other Explanatory Material A8a. Law, regulation, or relevant ethical requirements may require the auditor to request, prior to accepting the engagement, the predecessor auditor to provide known information regarding any facts or circumstances that, in the predecessor auditor s judgment, the auditor needs to be aware of before deciding whether to accept the engagement. 17 See, for example, Section of the IESBA Code. 24

25 ISA 240, The Auditor s Responsibilities Relating to Fraud in an Audit of Financial Statements Introduction Responsibility for the Prevention and Detection of Fraud Responsibilities of the Auditor 8a. The auditor may have responsibilities under relevant ethical requirements regarding an entity s noncompliance with laws and regulations, including fraud. Complying with those responsibilities may provide further information that is relevant to the auditor s work in accordance with this and other ISAs (for example, regarding the integrity of management or, where appropriate, those charged with governance). Requirements [Note: This paragraph is unchanged.] Communications to Management and with Those Charged with Governance 40. If the auditor has identified a fraud or has obtained information that indicates that a fraud may exist, the auditor shall communicate these matters on a timely basis to the appropriate level of management in order to inform those with primary responsibility for the prevention and detection of fraud of matters relevant to their responsibilities. (Ref: Para. A60) Communications to Regulatory and Enforcement Authorities 43. If the auditor has identified or suspects a fraud, the auditor shall determine whether there is a responsibility to report the occurrence or suspicion to a party outside the entity. Although the auditor s professional dutyrelevant ethical requirements regarding to maintaining the confidentiality of client information may preclude such reporting, in some circumstances the auditor s legal responsibilities may override the duty of confidentiality may not apply, be overridden by laws or regulations, or include a duty or right to report to an appropriate authority in some circumstances. (Ref: Para. A65 A67) Application and Other Explanatory Material Communications to Management and with Those Charged with Governance (Ref: Para ) A59a. In some jurisdictions, laws or regulations may prohibit alerting ( tipping off ) the entity when, for example, the auditor is required to report the non-compliance to an appropriate authority pursuant to anti-money laundering legislation. Communications to Regulatory and Enforcement Authorities (Ref: Para. 43) A65. The auditor s professional duty to maintain the confidentiality of client information may preclude reporting fraud or other identified or suspected non-compliance with laws or regulations to a party outside the client entity. However, the auditor s legal responsibilities vary by country and, in certain circumstances, the duty of confidentiality may be overridden by statute, the law or courts of lawlaws or regulations. Law, regulation, or relevant ethical requirements may include a duty or right to report 25

26 to an appropriate authority. In some countries, the auditor of a financial institution has a statutory duty to report the occurrence of fraud to supervisory authorities. Also, in some countries the auditor has a duty to report misstatements to authorities in those cases where management and those charged with governance fail to take corrective action. In certain circumstances, the auditor may have the right to disclose identified or suspected non-compliance with laws or regulations to an appropriate authority without breaching the duty of confidentiality. 18 ISA 260 (Revised), Communication with Those Charged with Governance Introduction The Role of Communication 7. Law or regulation may restrict the auditor s communication of certain matters with those charged with governance. For example, laws or regulations may specifically prohibit a communication, or other action, that might prejudice an investigation by an appropriate authority into an actual, or suspected, illegal act, including alerting ( tipping-off ) the entity when, for example, the auditor is required to report the non-compliance to an appropriate authority pursuant to anti-money laundering legislation. In some circumstances, potential conflicts between the auditor s obligations of confidentiality and obligations to communicate may be complex. In such cases, the auditor may consider obtaining legal advice. ISA 450, Evaluation of Misstatements Identified During the Audit Requirements [Note: This paragraph is unchanged.] Communication and Correction of Misstatements 8. The auditor shall communicate on a timely basis all misstatements accumulated during the audit with the appropriate level of management, unless prohibited by law or regulation.3 The auditor shall request management to correct those misstatements. (Ref: Para. A7 A9) Application and Other Explanatory Material Communication and Correction of Misstatements (Ref: Para. 8 9) A8. Law or regulation may restrict the auditor s communication of certain misstatements to management, or others, within the entity. For example, laws or regulations may specifically prohibit a communication, or other action, that might prejudice an investigation by an appropriate authority into an actual, or suspected, illegal act, including alerting ( tipping-off ) the entity when, for example, the auditor is required to report the non-compliance to an appropriate authority pursuant to anti-money laundering legislation. In some circumstances, potential conflicts between the auditor s obligations of confidentiality and obligations to communicate may be complex. In such cases, the auditor may consider seeking legal advice. 18 See, for example, Section of the International Ethics Standards Board for Accountants Code of Ethics for Professional Accountants (IESBA Code). 26

27 ISRE 2400 (Revised), Engagements to Review Historical Financial Statements Requirements [Note: This paragraph is unchanged.] Performing the Engagement Designing and Performing Procedures Fraud and non-compliance with laws or regulations 52. When there is an indication that fraud or non-compliance with laws or regulations, or suspected fraud or non-compliance with laws or regulations, has occurred in the entity, the practitioner shall: (a) (b) (c) (d) Communicate that matter to the appropriate level of senior management or those charged with governance as appropriate; Request management s assessment of the effect(s), if any, on the financial statements; Consider the effect, if any, of management s assessment of the effects of fraud or noncompliance with laws or regulations communicated to the practitioner on the practitioner s conclusion on the financial statements and on the practitioner s report; and Determine whether there is a responsibility to report the occurrence or suspicion of fraud or illegal acts to a party outside the entity. (Ref: Para. A92) Application and Other Explanatory Material Performing the Engagement Designing and Performing Procedures (Ref: Para. 47, 55) Procedures to Address Specific Circumstances Fraud and non-compliance with laws or regulations (Ref: Para. 52(d)) A92. Under this ISRE, if the practitioner has identified or suspects fraud or illegal acts, the practitioner is required to determine whether there is a responsibility to report the occurrence or suspicion to a party outside the entity. The practitioner s ethical, legal, and regulatory responsibilities vary by jurisdiction and, in certain circumstances, the duty of confidentiality may not apply, be overridden by laws or regulations or law, regulation, or relevant ethical requirements may include a duty or right to report to an appropriate authority. In certain circumstances, the practitioner may have the legal or ethical right to disclose identified or suspected non-compliance with laws or regulations to an appropriate authority without breaching the duty of confidentiality. 19 However, in other cases, the practitioner s legal or ethical duties to maintain confidentiality may preclude reporting identified or suspected noncompliance with laws and regulations to a party outside the entity. Although the practitioner s professional duty to maintain the confidentiality of client information may preclude such reporting, the practitioner s legal responsibilities may override the duty of confidentiality in some circumstances. 19 See, for example, Section of the International Ethics Standards Board for Accountants Code of Ethics for Professional Accountants (IESBA Code). 27

28 ISAE 3402, Assurance Reports on Controls at a Service Organization Requirements [Note: This paragraph is unchanged.] Other Communication Responsibilities 56. If the service auditor becomes aware of non-compliance with laws and regulations, fraud, or uncorrected errors attributable to the service organization that are not clearly trivial and may affect one or more user entities, the service auditor shall determine whether the matter has been communicated appropriately to affected user entities. If the matter has not been so communicated and the service organization is unwilling to do so, the service auditor shall take appropriate action. (Ref: Para. A53) Application and Other Explanatory Material Other Communication Responsibilities (Ref: Para. 56) A53. Appropriate actions to respond to the circumstances identified in paragraph 56 may include: Obtaining legal advice about the consequences of different courses of action. Communicating with those charged with governance of the service organization. Communicating with third parties (for example, a regulator) when required the auditor has a duty or right to do so. Modifying the service auditor s opinion, or adding an Other Matter paragraph. Withdrawing from the engagement. 28

29 COPYRIGHT, TRADEMARK, AND PERMISSIONS INFORMATION International Standards on Auditing, International Standards on Assurance Engagements, International Standards on Review Engagements, International Standards on Related Services, International Standards on Quality Control, International Auditing Practice Notes, Exposure Drafts, Consultation Papers, and other IAASB publications are published by, and copyright of, the International Federation of Accountants (IFAC ). The IAASB and IFAC do not accept responsibility for loss caused to any person who acts or refrains from acting in reliance on the material in this publication, whether such loss is caused by negligence or otherwise. The IAASB logo, International Auditing and Assurance Standards Board, IAASB, International Standard on Auditing, ISA, International Standard on Assurance Engagements, ISAE, International Standards on Review Engagements, ISRE, International Standards on Related Services, ISRS, International Standards on Quality Control, ISQC, International Auditing Practice Note, IAPN, the IFAC logo, International Federation of Accountants, and IFAC are trademarks or registered trademarks and service marks of IFAC. Copyright July 2015 by the International Federation of Accountants (IFAC). All rights reserved. Permission is granted to make copies of this work to achieve maximum exposure and feedback provided that each copy bears the following credit line: Copyright [Month and Year] by the International Federation of Accountants (IFAC). All rights reserved. Used with permission of IFAC. Permission is granted to make copies of this work to achieve maximum exposure and feedback. Published by:

INTERNATIONAL STANDARD ON AUDITING 250 CONSIDERATION OF LAWS AND REGULATIONS (Effective for audits of financial statements for periods beginning on or after December 15, 2009) CONTENTS Paragraph Introduction

HKSA 250 Issued July 2009; revised July 2010 Effective for audits of financial statements for periods beginning on or after 15 December 2009 Hong Kong Standard on Auditing 250 Consideration of Laws and

Consideration of Laws and Regulations 193 AU-C Section 250 Consideration of Laws and Regulations in an Audit of Financial Statements Source: SAS No. 122. Effective for audits of financial statements for

INTERNATIONAL STANDARD ON AUDITING (UK AND IRELAND) 250 SECTION A - CONSIDERATION OF LAWS AND REGULATIONS IN AN AUDIT OF FINANCIAL STATEMENTS (Effective for audits of financial statements for periods ending

Exposure Draft May 2014 Comments due: September 11, 2014 Proposed Changes to the International Standards on Auditing (ISAs) Addressing Disclosures in the Audit of Financial Statements This Exposure Draft

October 15. 2015 IAASB Ref: ED Responding to Non-Compliance or Suspected Non-Compliance with Laws and Regulations FSR - danske revisorer welcomes this project to ensure consistency between ISAs and the

INTERNATIONAL STANDARD ON ENGAGEMENTS 2410 OF INTERIM FINANCIAL INFORMATION PERFORMED BY THE INDEPENDENT AUDITOR OF THE ENTITY (Effective for reviews of interim financial information for periods beginning

INTERNATIONAL STANDARD ON AUDITING 700 (REVISED) FORMING AN OPINION AND REPORTING ON FINANCIAL STATEMENTS (Effective for audits of financial statements for periods ending on or after December 15, 2016)

International Auditing and Assurance Standards Board Exposure Draft October 2007 Comments are requested by February 15, 2008 Proposed Revised and Redrafted International Standard on Auditing ISA 620, Using

International Auditing and Assurance Standards Board Exposure Draft April 2007 Comments are requested by September 15, 2007 Proposed Revised and Redrafted International Standard on Auditing ISA 200, Overall

CONFORMING AMENDMENTS TO THE PREFACE AND OTHER ISAs AS A RESULT OF ISA 200 (REVISED AND REDRAFTED), OVERALL OBJECTIVES OF THE INDEPENDENT AUDITOR AND THE CONDUCT OF AN AUDIT IN ACCORDANCE WITH INTERNATIONAL

INTERNATIONAL STANDARD ON 200 OVERALL OBJECTIVES OF THE INDEPENDENT AUDITOR AND THE CONDUCT OF AN AUDIT IN ACCORDANCE WITH INTERNATIONAL STANDARDS ON (Effective for audits of financial statements for periods

SINGAPORE STANDARD ON AUDITING SSA 570 (Revised) Going Concern SSA 570, Going Concern superseded SSA 570 of the same title in September 2009. This SSA is revised in July 2015 and is effective for audits

The International Standards of Supreme Audit Institutions, ISSAI, are issued by the International Organization of Supreme Audit Institutions, INTOSAI. For more information visit www.issai.org. Financial

INTERNATIONAL STANDARD ON AUDITING 260 COMMUNICATION WITH THOSE CHARGED WITH GOVERNANCE (Effective for audits of financial statements for periods beginning on or after December 15, 2009) CONTENTS Paragraph

INTERNATIONAL STANDARD ON AUDITING (UK AND IRELAND) 200 OVERALL OBJECTIVES OF THE INDEPENDENT AUDITOR AND THE CONDUCT OF AN AUDIT IN ACCORDANCE WITH INTERNATIONAL STANDARDS ON AUDITING (UK AND IRELAND)

INTERNATIONAL STANDARD ON 220 QUALITY CONTROL FOR AN AUDIT OF FINANCIAL STATEMENTS (Effective for audits of financial statements for periods beginning on or after December 15, 2009) CONTENTS Introduction

INTERNATIONAL STANDARD ON AUDITING 600 SPECIAL CONSIDERATIONS AUDITS OF GROUP FINANCIAL STATEMENTS (INCLUDING THE WORK OF COMPONENT AUDITORS) (Effective for audits of group financial statements for periods

INTERNATIONAL STANDARD ON 240 THE AUDITOR S RESPONSIBILITIES RELATING TO (Effective for audits of financial statements for periods beginning on or after December 15, 2009) CONTENTS Paragraph Introduction

International Auditing and Assurance Standards Board December 2003 Revised March 2008 International Framework for Assurance Engagements FRAMEWORK International Auditing and Assurance Standards Board International

G5INTERNATIONAL STANDARD ON 570 GOING CONCERN (Effective for audits of financial statements for periods beginning on or after December 15, 2009) CONTENTS Paragraph Introduction Scope of this ISA... 1 Going

The International Standards of Supreme Audit Institutions, ISSAI, are issued by the International Organization of Supreme Audit Institutions, INTOSAI. For more information visit www.issai.org. Financial

INTERNATIONAL STANDARD ON ASSURANCE ENGAGEMENTS 3000 ASSURANCE ENGAGEMENTS OTHER THAN AUDITS OR REVIEWS OF HISTORICAL FINANCIAL INFORMATION (Effective for assurance reports dated on or after January 1,

PROPOSED CLARIFIED INTERNATIONAL STANDARD ON QUALITY CONTROL (UK AND IRELAND) 1 QUALITY CONTROL FOR FIRMS THAT PERFORM AUDITS AND REVIEWS OF FINANCIAL STATEMENTS, AND OTHER ASSURANCE AND RELATED SERVICES

INTERNATIONAL FOR ASSURANCE ENGAGEMENTS (Effective for assurance reports issued on or after January 1, 2005) CONTENTS Paragraph Introduction... 1 6 Definition and Objective of an Assurance Engagement...

Basis for Conclusions: ISA 600 (Revised and Redrafted), Special Considerations Audits of Group Financial Statements (Including the Work of Component Auditors) Prepared by the Staff of the International

INTERNATIONAL STANDARD ON AUDITING (UK AND IRELAND) 240 Introduction THE AUDITOR S RESPONSIBILITIES RELATING TO FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS (Effective for audits of financial statements for

HKSA 600 Issued September 2009; revised July 2010, May 2013, June 2014*, February 2015 Effective for audits of financial statements for periods beginning on or after 15 December 2009 Hong Kong Standard

INTERNATIONAL STANDARD ON 700 FORMING AN OPINION AND REPORTING ON FINANCIAL STATEMENTS (Effective for audits of financial statements for periods beginning on or after December 15, 2009) CONTENTS Paragraph

INTERNATIONAL STANDARD ON ASSURANCE ENGAGEMENTS (ISAE) 3402 ASSURANCE REPORTS ON CONTROLS AT A SERVICE ORGANIZATION (Effective for service auditors assurance reports covering periods ending on or after

The International Standards of Supreme Audit Institutions, ISSAI, are issued by the International Organization of Supreme Audit Institutions, INTOSAI. For more information visit www.issai.org. Financial

INTERNATIONAL STANDARD ON AUDITING 200 OBJECTIVE AND GENERAL PRINCIPLES GOVERNING (Effective for audits of financial statements for periods beginning on or after December 15, 2005. The Appendix contains

INTERNATIONAL STANDARD ON QUALITY CONTROL 1 QUALITY CONTROL FOR FIRMS THAT PERFORM AUDITS AND REVIEWS OF FINANCIAL STATEMENTS, AND OTHER ASSURANCE AND RELATED SERVICES ENGAGEMENTS (Effective as of December

INTERNATIONAL STANDARD ON AUDITING 720 THE AUDITOR S RESPONSIBILITIES RELATING TO OTHER INFORMATION IN DOCUMENTS CONTAINING AUDITED FINANCIAL STATEMENTS (Effective for audits of financial statements for

ASA 600 (October 2009) Auditing Standard ASA 600 Special Considerations Audits of a Group Financial Report (Including the Work of Component Auditors) Issued by the Auditing and Assurance Standards Board

Exposure Draft December 2015 Comments due: April 18, 2016 International Ethics Standards Board for Accountants Improving the Structure of the Code of Ethics for Professional Accountants Phase 1 This Exposure

ISA 240 February 2008 International Standard on Auditing The Auditor s Responsibilities Relating to Fraud in an Audit of Financial Statements INTERNATIONAL STANDARD ON AUDITING 240 The Auditor s Responsibilities

Standard Audit and Assurance Financial Reporting Council June 2013 International Standard on Auditing (UK and Ireland) 700 The independent auditor s report on fi nancial statements The FRC is responsible

INTERNATIONAL STANDARD ON AUDITING 805 SPECIAL CONSIDERATIONS AUDITS OF SINGLE FINANCIAL STATEMENTS AND SPECIFIC ELEMENTS, ACCOUNTS OR ITEMS OF A FINANCIAL STATEMENT (Effective for audits for periods beginning

The International Standards of Supreme Audit Institutions, ISSAI, are issued by the International Organization of Supreme Audit Institutions, INTOSAI. For more information visit www.issai.org. Financial

August 2004 Questions and Answers First Time Adoption of International Financial Reporting Standards Guidance for Auditors on Reporting Issues First Time Adoption of International Financial Reporting Standards

I.460 Auditing and Assurance SA 600 USING THE WORK OF ANOTHER AUDITOR (EFFECTIVE FOR ALL AUDITS RELATING TO ACCOUNTING PERIODS BEGINNING ON OR AFTER APRIL 1, 2002) Introduction 1. The Standard on Auditing

INTERNATIONAL STANDARD ON AUDITING 230 AUDIT DOCUMENTATION (Effective for audits of financial statements for periods beginning on or after December 15, 2009) CONTENTS Paragraph Introduction Scope of this

SRI LANKA STANDARD 700 FORMING AN OPINION AND REPORTING ON FINANCIAL STATEMENTS (Effective for audits of financial statements for periods beginning on or after 01 January 2014) CONTENTS Paragraph Introduction

The IAASB s Work Plan for 2015 2016 December 2014 International Auditing and Assurance Standards Board Work Plan for 2015 2016: Enhancing Audit Quality and Preparing for the Future This document was developed

INTERNATIONAL STANDARD ON AUDITING (UK AND IRELAND) 402 AUDIT CONSIDERATIONS RELATING TO AN ENTITY USING A SERVICE ORGANIZATION (Effective for audits of financial statements for periods ending on or after

INTERNATIONAL STANDARD ON AUDITING (UK AND IRELAND) 240 THE AUDITOR S RESPONSIBILITY TO CONSIDER FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS CONTENTS Paragraphs Introduction... 1-3 Characteristics of Fraud...

International Ethics Standards Board for Accountants Exposure Draft December 2006 Comments are requested by April 30, 2007 Section 290 of the Code of Ethics Independence Audit and Review Engagements Section

IFAC Board Basis for Conclusions Exposure Draft Prepared by the Staff of the IESBA October 2011 March 2013 Comments due: February 29, 2012 International Ethics Standards Board for Accountants Change to

Compiled Auditing Standard ASA 240 (November 2013) Auditing Standard ASA 240 The Auditor's Responsibilities Relating to Fraud in an Audit of a Financial Report This compilation was prepared on 11 November

INTERNATIONAL STANDARD ON AUDITING 800 SPECIAL CONSIDERATIONS AUDITS OF FINANCIAL STATEMENTS PREPARED IN ACCORDANCE WITH SPECIAL PURPOSE FRAMEWORKS (Effective for audits of financial statements for periods

ISA 805 March 2009 International Standard on Auditing Special Considerations - Audits of Single Financial Statements and Specific Elements, Accounts or Items of a Financial Statement INTERNATIONAL STANDARD

ISSAI 200 ISSAI The 200 International Fundamental Standards Principles of Supreme of Financial Audit Institutions, Auditing or ISSAIs, are issued by INTOSAI, the International Organisation of Supreme Audit

INTERNATIONAL STANDARD ON AUDITING 570 GOING CONCERN (Effective for audits of financial statements for periods ending on or after December 31, 2000, but contains conforming amendments that become effective

IFAC Board Exposure Draft November 2014 Comments due: April 15, 2015 International Ethics Standards Board for Accountants Proposed Changes to Part C of the Code Addressing Presentation of Information and

INTERNATIONAL STANDARD ON 710 COMPARATIVE INFORMATION CORRESPONDING FIGURES AND COMPARATIVE FINANCIAL STATEMENTS (Effective for audits of financial statements for periods beginning on or after December

The International Standards of Supreme Audit Institutions, ISSAI, are issued by the International Organization of Supreme Audit Institutions, INTOSAI. For more information visit www.issai.org. Financial

July 2005 Standards for Investment Reporting 1000 INVESTMENT REPORTING STANDARDS APPLICABLE TO ALL ENGAGEMENTS IN CONNECTION WITH AN INVESTMENT CIRCULAR LIMITED The Auditing Practices Board Limited, which

INTERNATIONAL STANDARD ON AUDITING 510 INITIAL AUDIT ENGAGEMENTS OPENING BALANCES (Effective for audits of financial statements for periods beginning on or after December 15, 2009) CONTENTS Paragraph Introduction

Education Committee Exposure Draft April 2005 Comments are requested by July 15, 2005 Proposed International Education Standard for Professional Accountants Competence Requirements for Audit Professionals

Policy Statement May 2015 International Federation of Accountants Policy for Translating and Reproducing Standards Published by the International Federation of Accountants This document was developed and

Certified Public Accountants accounting alert 2006-04: December 14, 2006 New Wording for the Independent Auditor s Report In a capsule A new wording for the independent auditor s report with unqualified